cmaurand at xyonet.com
Tue Feb 16 13:54:29 CST 2010
I haven't run BIND in a number of years.
On 2/15/2010 2:06 PM, Charles N Wyble wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> Tony Finch wrote:
>> On Mon, 15 Feb 2010, Charles N Wyble wrote:
>>> How are folks verifying DNSSEC readiness of their environments? Any
>>> existing testing methodologies / resources that folks are using?
>> Here's my summary of the situation (as of a couple of months ago) with
>> links to a few key resources: http://fanf.livejournal.com/104774.html
> Most interesting. Thanks.
> - From https://www.dns-oarc.net/oarc/services/replysizetest
> charles at charles-laptop:~] dig +short rs.dns-oarc.net txt
> "220.127.116.11 sent EDNS buffer size 4096"
> "18.104.22.168 DNS reply size limit is at least 3843"
> "Tested at 2010-02-15 19:03:47 UTC"
> charles at charles-laptop:~]
> I have a local BIND server I use for DNS. It's whatever Ubuntu 9.10
> installs with apt-get, and a cisco 1841 as my edge router.
> I imagine that is a pretty standard setup in a lot of user sites (linux
> with bind and a cisco router of some sort).
> Will do further investigation.
> - --
> Charles N Wyble
> Linux Systems Engineer
> charles at knownelement.com (818)280-7059
> Unless agreed upon, assume everything in this e-mail might be blogged.
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.9 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
> -----END PGP SIGNATURE-----
More information about the NANOG